Date: Saturday, January 10, 2015 @ 06:30:09
Author: iulius
Revision: 9786
Do not mention that TLS compression will be disabled in the next INN release
As the CRIME attack is not exploitable in NNTP, disabling TLS compression
by default is pointless. No vulnerability in TLS compression is
currently known as far as NNTP is concerned.
Modified:
branches/2.5/doc/pod/inn.conf.pod
--------------+
inn.conf.pod | 5 ++---
1 file changed, 2 insertions(+), 3 deletions(-)
Modified: inn.conf.pod
===================================================================
--- inn.conf.pod 2015-01-10 14:25:18 UTC (rev 9785)
+++ inn.conf.pod 2015-01-10 14:30:09 UTC (rev 9786)
@@ -1060,7 +1060,8 @@
=back
Finally, here are the parameters that can be used to tighten the level
-of security provided by TLS/SSL:
+of security provided by TLS/SSL in case new attacks exploitable in NNTP
+on the TLS protocol or some supported cipher suite are discovered:
=over 4
@@ -1074,8 +1075,6 @@
Whether to enable or disable SSL/TLS compression support. This is a
boolean and the default is true, that is to say compression is enabled.
-(Note that the default value will be false in the next major release
-of INN.)
=item I<tlseccurve>